dave14305
Part of the Furniture
BIND is not Unbound.
BIND is not Unbound.
This specifically relates to out dated bind servers. Unbound is kept pretty well up to date as it relates to security concerns.
In my configuration, I set accept DNS configuration to disabled in VPN client. In this setup, VPN client still use unbound which is what I wanted. I have tried other strict and exclusive before but I couldn't remember exactly what's the behavior. Did you get your desired DNS resolver to work? I can test it out for you on my device.Hello
Anyone knows cases where Unbound might take precedence over VPN client DNS rules (set to Strict/Exclusive)?
That is, would the Open VPN DNS rules still be enforced for relevant clients where Unbound is the default DNS resolver?
Is that were the case, should specific rules be specified by way of user script? Any lead?
Thanks.
Thank youIn my configuration, I set accept DNS configuration to disabled in VPN client. In this setup, VPN client still use unbound which is what I wanted. I have tried other strict and exclusive before but I couldn't remember exactly what's the behavior. Did you get your desired DNS resolver to work? I can test it out for you on my device.
Edit: I just did a quick test. With strict, my pc still resolve with unbound. With exclusive, my pc resolve using VPN DNS. All these is done with DNS filter set to router.
That is assuming that haveged is the cause of the issue with Jitterentropy-rngd. that user just stated they had jitterentropy-rngd causing high cpu spikes. nothing actually showing haveged causing the problem.Any news about this?
Jitterentropy-Rngd high CPU use
Recently updated my RT-AC88U to 386.2.4 . Since, I have seen very high CPU usage from the jitterentropy-rngd daemon, somtimes as high as 80% getting close to maxing out both cores. On a positive note this is not consistent. It waxes and wanes with usage increases when WAN throughput is higher...www.snbforums.com
It seems that haveged is deprecated....
Sorry but you totally missed the point.That is assuming that haveged is the cause of the issue with Jitterentropy-rngd. that user just stated they had jitterentropy-rngd causing high cpu spikes. nothing actually showing haveged causing the problem.
I get what you are saying , but I would leave it until it is determined there is not some underlying issue with jitterentropy-rngd. As you can see from that OP , the issue was still open as to why that user had cpu spikes. It brings in to question the full effectiveness of jitterentropy-rngd on some model routers.Sorry but you totally missed the point.
In the thread Merlin said to inform scripts developers to remove haveged from the scripts, because jitterentropy does the same thing.
See post #9 in the thread I mentioned...
I have my unbound traffic running through my VPNUnbound, meaning my router, is my DNS, and if it can't serve the IP that's queried, it goes to the Auth servers maintained by iCANN (just like CF, Google etc).
that's assuming unbound is up and running - if for some reason it hasn't launched in a reboot or otherwise fails, I've pointed my router to Canadian Shield (i'm within that jurisdiction), with CF as a backup in case they're down. surely at some point my ISP sees some of this (CF may be under the same roof as my ISP's servers), but for the hopefully brief moments of time that this might be the case, I'm surely not transmitting/receiving anything on my network's end that could be compromising.
Scheduled reboots during times you are not actively online may help alittle.I'm having fairly regular power fluctuations in my area of late (as the grid learns to compensate for Air conditioners, I presume) and anytime it does, I lose the GUI for the addons I run. this is a problem since updating to v386 for me - If someone can point me in the direction of resolving this (other than a factory reset), I'd be very appreciative.
I used to add some delay in post-mount script before unbound but not anymore. Not sure if this will help.I'm having fairly regular power fluctuations in my area of late (as the grid learns to compensate for Air conditioners, I presume) and anytime it does, I lose the GUI for the addons I run. this is a problem since updating to v386 for me - If someone can point me in the direction of resolving this (other than a factory reset), I'd be very appreciative.
[1626008669] unbound-control[29323:0] error: connect: Connection refused for 127.0.0.1 port 953
'key-cache-size:' (N/A)
[1626008669] unbound-control[29329:0] error: connect: Connection refused for 127.0.0.1 port 953
[1626008669] unbound-control[29331:0] error: connect: Connection refused for 127.0.0.1 port 953
'msg-cache-size:' (N/A) 0% used (N/A)
[1626008669] unbound-control[29346:0] error: connect: Connection refused for 127.0.0.1 port 953
[1626008669] unbound-control[29348:0] error: connect: Connection refused for 127.0.0.1 port 953
'rrset-cache-size:' (N/A) 0% used (N/A)
Seems to be we have again problems with Unbound after Entware upgrade. I will wait until the update of Unbound is available via amtm script.Following the updated versions of unbound added to entware
unbound-anchor - 1.13.1-2
unbound-checkconf - 1.13.1-2
unbound-control - 1.13.1-2
unbound-daemon - 1.13.1-2
the unbound script is to longer completing
Code:[1626008669] unbound-control[29323:0] error: connect: Connection refused for 127.0.0.1 port 953 'key-cache-size:' (N/A) [1626008669] unbound-control[29329:0] error: connect: Connection refused for 127.0.0.1 port 953 [1626008669] unbound-control[29331:0] error: connect: Connection refused for 127.0.0.1 port 953 'msg-cache-size:' (N/A) 0% used (N/A) [1626008669] unbound-control[29346:0] error: connect: Connection refused for 127.0.0.1 port 953 [1626008669] unbound-control[29348:0] error: connect: Connection refused for 127.0.0.1 port 953 'rrset-cache-size:' (N/A) 0% used (N/A)
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!